Privacy Policy
This privacy policy covers Nash — the service at nash-checkout.pier39.ai (powered by the open nash.v1 protocol), plus any AI shopper agent that talks to it on your behalf, including the Nash MCP connector (used in Claude Desktop, Cowork, and other MCP clients) and the Nash Custom GPT.
Nash does two things, and this policy covers both:
- Shopping & checkout — you ask an AI agent to find a product; Nash helps you place a real order and pay for it. This involves your name, email, shipping address, and a payment.
- Negotiation proxy — the legacy nash.v1 chat flow that forwards messages between a shopper agent and a store's seller agent. This involves only request metadata and the messages themselves.
Effective date: November 2025 · Last updated: June 2026
What we collect
When you place an order (shopping & checkout)
To create and fulfill an order, Nash collects the information you provide to your AI agent and pass to us:
- Contact details: your name and email address.
- Shipping address: the full address the order ships to (street, city, state, ZIP, country).
- Order details: the store, product and variant, quantity, and the price you agreed to.
This information is necessary to take your order, charge you, and place the order with the merchant.
Payment information is handled by Stripe, not by Nash. When you complete a purchase, you enter your card details directly on Stripe Checkout (a PCI-DSS Level 1 provider). Nash never sees or stores your full card number, CVC, or other sensitive payment credentials. We receive only a payment confirmation and limited, non-sensitive details from Stripe (for example, a payment/charge identifier and the last four digits, used to match payments to orders and to process refunds). See Stripe's privacy policy.
When you use the negotiation proxy
When a shopper agent calls our proxy API, we receive:
- HTTP request metadata: your IP address, user agent, request timestamp, and the URL you called. Standard server log data, retained for up to 30 days for abuse prevention and rate limiting.
- Negotiation messages: the shopper turns you (or your AI agent) send to a store, plus the merchant agent's replies. Stored in memory for the duration of an active chat session (up to 1 hour idle) and then discarded. We do NOT retain negotiation transcripts after a session ends.
- The product and store you negotiate with: needed to route your request to the correct storefront.
We do NOT collect
- Your full card number, CVC, or other sensitive payment credentials — these go directly to Stripe and never touch Nash's servers.
- Browser fingerprints or cross-site advertising trackers.
- More personal information than is needed to complete your order or route your request.
What we do with it
Order data
- Take and confirm your order: create a Stripe Checkout session so you can pay, and send you an order confirmation by email.
- Place the order with the merchant: after payment succeeds, we submit your order to the store using your name, email, and shipping address so the merchant can fulfill and ship it. The merchant sends you their own order and shipping notifications directly.
- Customer support, refunds, and disputes: we use your order and contact details to answer support requests, process refunds, and respond to payment disputes/chargebacks.
- Fraud prevention and legal compliance: we use order and payment metadata to detect abuse and to meet tax, accounting, and other legal obligations.
Negotiation / proxy data
- Route the negotiation: we forward your messages to the storefront's chat endpoint, return the merchant's reply to your agent. That's the entire purpose.
- Enforce rate limits: per-IP and per-session caps to prevent abuse.
- Operational debugging: server logs are reviewed when something breaks. Logs are not used for any other purpose.
We do NOT:
- Sell or rent your personal information to third parties.
- Use your order details or negotiation content to train AI models.
- Build advertising profiles or run advertising of any kind.
Who we share data with
We share data only with the service providers needed to complete your order, and only what each one needs:
| Recipient | What they receive | Why |
|---|---|---|
| Stripe | Payment details you enter on Stripe Checkout; order amount | Process your payment, refunds, and disputes |
| The merchant / store you buy from | Your name, email, and shipping address; the items ordered | Fulfill and ship your order; handle returns per their policy |
| Email provider (e.g. Resend) | Your email address and order confirmation content | Send you order/confirmation emails |
| Anthropic (Claude API) | Conversation messages, for Pier39-operated seller agents | Power the AI agent that helps you shop |
| Fly.io (hosting) | Standard network/platform metadata | Run the service |
Each store you buy from is a separate party with its own privacy practices. The Nash directory lists third-party Nash-enabled storefronts, and Nash can also shop stores discovered via live web search. Review their individual privacy policies before shopping — the nash.v1 protocol (and Nash's checkout) creates the channel; it doesn't standardize their data practices.
Data retention
| Data | Retention |
|---|---|
| Order and transaction records (name, email, shipping address, items, payment metadata) | As long as needed to fulfill the order and provide support, and thereafter to meet legal, tax, accounting, refund, and dispute obligations (financial records typically up to 7 years) |
| Active negotiation chat sessions (in memory) | Up to 1 hour idle, then discarded |
| Server access logs (request metadata) | Up to 30 days |
| Anonymized, aggregated request counts | Indefinite |
We do not retain individual negotiation transcripts after a session ends. Payment card details are retained by Stripe under their policy, not by Nash.
Your rights
You can:
- Access or correct your order information, or request deletion of your personal data, by emailing the contact below. We honor deletion requests except where we're legally required to retain certain transaction records (for example, tax and accounting records, or an open refund/dispute).
- Request server log deletion for your IP address by email. We delete on receipt; default retention is already 30 days.
- Stop using Nash at any time. Using the negotiation proxy requires no account.
- Inspect the source code. The proxy and connector are open source at github.com/sanjana-pier39. Verify our claims independently.
Depending on where you live, you may have additional rights (such as under the CCPA/CPRA or GDPR), including the right to know what we hold and to request deletion. Email us to exercise them.
Cookies
The Nash API and proxy endpoints do NOT set advertising or cross-site tracking cookies.
Payment pages are hosted by Stripe Checkout and may set cookies that Stripe needs to process the payment and prevent fraud; those are governed by Stripe's policy.
Third-party services
- Stripe processes payments. See Stripe's privacy policy.
- Fly.io hosts the service; platform metadata is governed by their privacy policy.
- Anthropic Claude API powers seller agents at Pier39-operated stores; Anthropic's usage policies and privacy policy apply to those calls.
- Email delivery (e.g. Resend) sends transactional order emails.
Children
Nash is a commerce service intended for adults who can form a binding contract. It is not directed at children under 13, and we do not knowingly collect data from anyone under 13. If you believe a child has provided us information, contact us and we'll delete it.
Changes to this policy
We'll update this page when we change anything material about data handling. The "Last updated" date at the top reflects the most recent revision. Substantive changes will be announced on our launch surfaces (GitHub releases, blog).
Contact
For privacy questions, data access or deletion requests, or anything else covered above, email sanjana@pier39.ai or open an issue at github.com/sanjana-pier39/pier39-skills/issues.
Summary in one paragraph
Nash helps you shop and check out across many stores from an AI agent. To place an order we collect your name, email, and shipping address, and we charge you through Stripe — Nash never sees your full card number. We share your order with the merchant so they can ship it, with Stripe to take payment, and with our email provider to confirm it. We keep order records as long as the law requires (financial records up to ~7 years), keep server logs up to 30 days, and discard negotiation transcripts when a session ends. We don't sell your data, don't train AI on it, and don't run ads. Each store has its own privacy practices — check theirs too. The code is open source.